< Previous standard ^ Up a level ^ Next standard >
ISO/IEC 27404 — Cybersecurity — IoT security and privacy — Cybersecurity labelling framework for consumer IoT [DRAFT]
Abstract
“This document defines a Universal Cybersecurity Labelling Framework for the development and implementation of cybersecurity labelling programmes for consumer IoT products.” [Source: ISO/IEC JTC 1/SC 27 SD11 July 2024]
Introduction
Although cybersecurity is seldom promoted as a feature of consumer-oriented IoT devices (things), it can be important. Inconsistent and unclear cybersecurity labelling does not help consumers appreciate their security and privacy objectives, nor evaluate and select things accordingly. Standardising the cybersecurity labelling of things is intended to improve consistency across the global market, increase consumer awareness and promote better cybersecurity designs.
Scope of the standard
[TBA]
Content of the standard
[TBA]
Status
Drafting started in 2022.
The standard is at Committee Draft stage, coming along nicely ... although CASCO has noted mix of requirements with guidance, and has other concerns from the conformity assessment perspective.
Personal comments
Singapore standard TR 91:2021 Cybersecurity labelling for consumer IoT provides a sound basis from which to develop this standard. Editorial changes are being made to adopt the more formal ISO/IEC style.
< Previous standard ^ Up a level ^ Next standard >
|